[ 姓云还是姓晕~ 一测便知] { 30号晚间 } ·42X·

显示全部楼层 · 发表于 2008-11-30 22:42:04

现在流行“YUN安全”  不少安软声称自己拥有YUN计算或YUN安全计划
但到底是姓云还是姓晕，不妨扫扫这里的样本

再看看我近期的这些帖子：
33x - [金山江民卡巴打了很多酱油]       http://bbs.kafan.cn/viewthread.php?tid=372575
冬天来了~26th晚间 - -! 183x                http://bbs.kafan.cn/viewthread.php?tid=375924
大风降温~ 27th晚间 64x ~ 查漏补缺~    http://bbs.kafan.cn/viewthread.php?tid=376657
[ 查漏补缺の第二话~ ] 29th ~{ 70X }~    http://bbs.kafan.cn/viewthread.php?tid=377678

按照云计算解决安全问题的核心思想：
只要有极少的用户感染，那么整个参与云计算的节点都可以分享云计算的成果——也就是样本得以迅速分析查杀
也就是说，真正拥有且应用了云计算的安全产品按道理说检出率不会很低（反之不一定成立）

这些帖子（包括此贴）里的样本，皆取自卡饭样本区发布的Downloader里的list或挂马网址的Downloader的list
连续的观察这些帖子里各个杀软的表现，就可以在一定程度上看到，到底姓云还是姓晕了

[ 本帖最后由 will 于 2008-11-30 22:44 编辑 ]

显示全部楼层 · 发表于 2008-11-30 22:45:53

IK 42个

30:11:2008 22:44:47 SEARCHTASK "USER_DEFINED" started...
scan item: C:\Documents and Settings\Administrator\桌面\MCLS
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS001.exe - SIGNATURE FOUND "Trojan-Spy.Win32.Treemz"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS002.exe - SIGNATURE FOUND "Virus.Win32.Agent.ZRP"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS003.exe - SIGNATURE FOUND "Virus.Win32.Agent.ZRP"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS004.exe - SIGNATURE FOUND "Trojan-Spy.Win32.Treemz"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS005.exe - SIGNATURE FOUND "Trojan-Spy.Win32.Treemz"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS006.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS007.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS008.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS009.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS010.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS011.exe - SIGNATURE FOUND "Trojan.Delf.NEB"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS012.exe - SIGNATURE FOUND "Trojan-Dropper.Delf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS013.exe - SIGNATURE FOUND "Backdoor.Win32.Banito.Plugin.A"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS014.exe - SIGNATURE FOUND "Trojan-PWS.Win32.Agent.hf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS015.exe - SIGNATURE FOUND "Trojan.Zlob"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS016.exe - SIGNATURE FOUND "Constructor.Win32.Delf.Delf"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS017.exe - SIGNATURE FOUND "Trojan-PWS.Win32.QQPass"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS018.exe - SIGNATURE FOUND "Backdoor.Win32.Venik"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS019.exe - SIGNATURE FOUND "Trojan.Flystudio.AI"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS020.exe - SIGNATURE FOUND "Trojan.Copiet.B.1"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS021.exe - SIGNATURE FOUND "Virus.Win32.Agent.ZRP"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS022.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS023.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS024.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS025.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS026.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS027.exe - SIGNATURE FOUND "Trojan.Flystudio.AI"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS028.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS029.exe - SIGNATURE FOUND "Trojan.Win32.AgentBypass"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS030.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS031.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS032.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS033.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS034.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS035.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS036.exe - SIGNATURE FOUND "Trojan.Flystudio.AI"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS037.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS038.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS039.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS040.exe - SIGNATURE FOUND "Trojan.Win32.Agent"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS041.exe - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Documents and Settings\Administrator\桌面\MCLS\MCLS\MCLS042.exe - SIGNATURE FOUND "Win32.SuspectCrc"
30:11:2008 22:44:55 SEARCHTASK "USER_DEFINED" FINISHED...
----------------------------------------------------
Directories scanned: 2
Files scanned: 42
Virus found: 42
----------------------------------------------------

显示全部楼层 · 发表于 2008-11-30 22:48:05

在趋势的云计算中心，能查到详细的数据，可以看见真的在起作用。。。
McAfee和熊猫是在做白名单的比对。。。也可以通过开启和关闭相关功能，看见效果。。。
其他的就。。。

显示全部楼层 · 发表于 2008-11-30 22:59:18

国产的呢？瑞星金山江民…这三家不都说自己YUN了么？不是每天可以截获多少多少样本？不是检出能高提高多少多少倍？病毒库不是多少多少千万了么？

[ 本帖最后由 will 于 2008-11-30 23:06 编辑 ]

显示全部楼层 · 发表于 2008-11-30 23:13:25

ESET 全

显示全部楼层 · 发表于 2008-11-30 23:19:28

我说的三个是在使用时能感受到实际效果的。。。
其他的不是用“。。。”带过了么。。。

显示全部楼层 · 发表于 2008-11-30 23:26:09

TO KL

显示全部楼层 · 发表于 2008-12-1 01:21:26

扫描统计:
扫描时间: 16秒
扫描选项:
扫描目标: C:\Documents and Settings\桌面\MCLS.zip
计数:
  扫描的项目总数: 44
  - 文件和目录: 44
  - 注册表条目: 0
  - 进程和启动项目: 0
  - 网络和浏览器项目: 0
  - 其他: 0
  - 受信任文件: 0
  - 跳过的文件: 0

  检测到的安全风险总数: 38
  已解决的项目总数: 38
  需要注意的项目总数: 0

显示全部楼层 · 发表于 2008-12-1 09:14:53

显示全部楼层 · 发表于 2008-12-1 09:26:32

MFCS……32个~~

[病毒样本] [ 姓云还是姓晕~ 一测便知] { 30号晚间 } ·42X·

本帖子中包含更多资源

回复 3楼 abeyl 的帖子

回复 4楼 will 的帖子

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块